package com.spring.arch.config;

import com.spring.arch.common.security.SecurityProperties;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;

/**
 * 资源服务配置
 *
 * @author Frank
 */
@EnableConfigurationProperties(SecurityProperties.class)
@Configuration
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    private static final String SECURITY_IGNORE_URLS_SPILT_CHAR = ",";

    @Autowired
    private SecurityProperties securityProperties;

    @Override
    public void configure(ResourceServerSecurityConfigurer configurer) {
        configurer.resourceId(securityProperties.getAuth().getResourceId());
    }


    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.cors().and().csrf().disable();

        if (StringUtils.isNotBlank(securityProperties.getExcludeAuthUrl())) {
            final String[] excludeAuthUrl = StringUtils.split(securityProperties.getExcludeAuthUrl(), SECURITY_IGNORE_URLS_SPILT_CHAR);
            // 资源放行
//            http.authorizeRequests()
//                    .antMatchers(excludeAuthUrl).permitAll()
//                    .antMatchers("/**").authenticated();
            
            http.authorizeRequests().antMatchers("/**").permitAll();
        }
    }

}
